Re: Some help on methodologies and reports

["crazy frog crazy frog" <i.m.crazy.frog () gmail com>]

guess you would like to check out the collection of following reports : -
www.secgeeks.com/penetration_testing_report_format.html
---------------------------------------
http://www.secgeeks.com
http://secgeeks.com/node/feed
Submit you security articles,send them to secgeek () secgeeks com

http://www.newskicks.com
Submit and kick for new stories from all around the world.
---------------------------------------
On 12/28/06, m.delibero () comcast net <m.delibero () comcast net> wrote:
> Nikolaj,
>
>   If you are running windows you can try the OWASP Report Generator.
>
>   http://www.owasp.org/index.php/ORG_%28Owasp_Report_Generator%29
>
>   Thanks,
>   Mike de Libero
>  -------------- Original message ----------------------
> From: Nikolaj <lorddoskias () gmail com>
> > I would like to ask a few question concerning some aspects of
> > penetration testing.
> >
> > A friend setup a little lan to mimic an ISP. He has different services -
> > ranging from mysql to nagios etc. I was able to penetrate one of the
> > server which let me to another and so forth. Eg. I penetrated his
> > network. Now I want to create a legit report, so that it looks like a
> > real one. Can you give me links or some hints on what should one such
> > report include? Maybe there are drafts somewhere.
> >
> > I feel that what I did was more plain hacking than just pen testing.
> > What are the differences between them, except the business relationship.
> >
> > Regards.


--